DOCKET NO.: MSFT-28 18/305956.01 PATENT 

Application No.: 10/693,061 

Office Action Dated: December 12, 2007 

REMARKS 

Claims 1-3, 5-17, 19-30, and 32-41 are pending in the present application as amended. 
Independent claims 1,15, and 29 have been amended. Claims 42-45 have been canceled. No 
claims have been newly added. Applicants respectfully submits that no new matter has been 
added. In particular, Applicants respectfully submit that the additional claim language in the 
independent claims is found in the application as filed at least in the discussion in connection 
with Figure 5. 

Telephone Conversation With Examiner 

Applicants' representative thanks Examiner Gyorfi for the telephone conversation 
conducted on February 21, 2008. Proposed claim amendments were discussed. Examiner 
Gyorfi stated that the amendments seemed reasonable. No agreements were reached. 

Claim Rejections - 35 U.S.C. S 103 

The Examiner has rejected the claims under 35 U.S.C. § 103(a) as being obvious over 
Boebert et al. (U.S. Patent No. 5,822,435) in view of an on-line article from the Tom's 
Hardware web site (hereinafter, 'Tom's'). Applicants respectfully traverse the Section 103 
rejection insofar as it may be applied to the claims as amended. 

Applicants respectfully point out that the independent claims of the present 
application have all been amended to emphasize that the flow of user input first is received at 
the second (standard) execution environment (the left side in Fig. 5), from which the flow is 
then initially directed to the secured execution environment (the right side in Fig. 5) and then 
is subsequently directed based on the input mode of the secured execution environment. In 
particular, if the secured execution environment is in a standard input mode, at least a first 
portion of the user input is transferred back to the second execution environment. In this 
manner, the secured execution environment can review all user inputs in a secure fashion to 
determine whether the user inputs include a user NIM indication that the secured execution 
environment should be changed from the standard input mode, where the inputs are directed 
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back to the standard executing environment, to a nexus input mode where the inputs are 
instead directed to the secured executing environment. 

The Boebert reference discloses a method and apparatus to ensure secure 
communications over an unsecured communications medium between a user working on an 
unsecured workstation 40 and a host computer 60. As shown in Fig. 3 of Boebert, the host 
computer 60 includes a trusted subsystem 67 and an un-trusted subsystem 63 which are 
respectively akin to the secured executing environment and the second executing 
environment of the claims of the present application. 

As the Examiner points out, Fig. 3 of the Boebert reference shows a trusted path 
subsystem 30 at the workstation 40 that operates in normal mode and in trusted path mode. 
When in normal mode, workstation trusted path subsystem 30 is transparent to workstation 
40. Logical switches 37 and 38 are in the UP position, connecting workstation processor 40 
directly to keyboard 20 and display 10. This permits the free transfer of information from 
keyboard 20 to workstation 40 and from workstation 40 to display 10. Thus, in normal mode, 
a trusted subsystem 67 at the host computer 60 is not involved in the flow of Boebert user 
inputs. Instead, such trusted subsystem 67 is only involved when the user invokes a trusted 
path mode. In particular, in trusted path mode, keyboard manager 36 intercepts keyboard 
data intended for workstation 40. The data is then routed to cryptographic entity 35, where it 
is encrypted before being passed over auxiliary port 42 to workstation processing unit 40. 
Thus, keyboard inputs are protected from eavesdropping and undetected modification until 
they are decrypted by cryptographic entity 69 in the trusted subsystem 67 on host computer 
60. 

As should be appreciated, then, the Boebert reference does not disclose or even 

suggest that Boebert user inputs are first accepted at a second execution environment, are 

then initially directed from the second execution environment to the secured execution 

environment and are then subsequently directed based on the input mode of the secured 

execution environment, as is now recited in independent claims 1,15, and 29 of the present 

application. Instead, and again, the Boebert user input is only directed to the trusted 

subsystem 67 if the user invokes a trusted path mode. 
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Thus, the Boebert reference also does not disclose or suggest determining at the 
secured executing environment from the Boebert user input whether the user input comprises 
a user NIM indication that the secured execution environment should be in a nexus input 
mode, and if so switching the secured execution environment to the nexus input mode, as is 
also now recited in independent claims 1,15, and 29. Instead, and again, the Boebert user 
invokes a trusted path mode, and not the trusted subsystem 67. 

The Tom's reference is cited mainly to show a keyboard integrated within a computer, 
and therefore also does not disclose or even suggest the aforementioned features that are now 
recited in claims 1,15, and 29. 

Accordingly, Applicants respectfully submit that the combination of the Boebert 
reference and the Tom's reference does not disclose or even suggest that user input follow a 
path from a second executing environment to a secured executing environment so that the 
secure executing environment can review the user input and determine therefrom whether to 
switch from a standard input mode to a nexus input mode, as is recited in independent claims 
1,15, and 29 of the present application. As a result, Applicants respectfully submit that the 
cited references cannot be combined to make obvious such independent claims or any 
depending claims depending from such independent claims. Thus, Applicants respectfully 
request reconsideration and withdrawal of the Section 103 rejection. 
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CONCLUSION 

In view of the foregoing Amendment and Remarks, Applicants respectfully submit 
that the present application including claims 1-3, 5-17, 19-30, and 32-41 is in condition for 
allowance and such action is respectfully requested. 

Respectfully Submitted, 
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